Commit 55cfb716 authored by Benjamin Fischer's avatar Benjamin Fischer
Browse files

[usermanagement] Updated new controller.

parent ccf9cf97
......@@ -75,7 +75,7 @@ class BaseController(object):
# collect the object to work on
tar = self
tars = deque([tar])
for n in range(len(names) - 1):
while tar and hasattr(tar, "_master"):
tar = tar._master
tars.appendleft(tar)
rights = self._rights.get(rights, self._rights["__default__"])
......@@ -117,34 +117,37 @@ class TableController(BaseController):
super(TableController, self).__init__(*args, **kwargs)
@cherrypy.expose
def create(self, name):
def add(self, name):
self._rt("create")
self._table.create(DB(), name)
@cherrypy.expose
def list(self):
return [entry.to_dict() for entry in self._rf("list", self._table.all(DB()))]
return [
call_mix(entry.to_dict, user=cherrypy.request.user)
for entry in self._rf("list", self._table.all(DB()))
]
@cherrypy.expose
def info(self, name):
base, = self._rga("info", name)
return base.to_dict()
return call_mix(base.to_dict, user=cherrypy.request.user)
@cherrypy.expose
def rename(self, name, new_name):
base, = self._rga("rename", name)
base.rename(DB(), new_name)
base.rename(new_name)
@cherrypy.expose
def delete(self, name):
def remove(self, name):
base, = self._rga("delete", name)
base.delete(DB())
base.delete()
@cherrypy.expose
def update(self, **kwargs):
def update(self, name, **kwargs):
for key, value in kwargs.items():
if key in self._setters:
base, = self._rgs("update_%s" % key, name)
base, = self._rga("update_%s" % key, name)
func = getattr(base, "set_%s" % key)
func(value)
else:
......@@ -155,29 +158,42 @@ class AssociationController(BaseController):
self._assoc = kwargs.pop("assoc", [])
super(AssociationController, self).__init__(*args, **kwargs)
def _info(self, item):
return {
"name": item.name,
}
@cherrypy.expose
def list(self, name):
base, = self._rga("list", name)
func = getattr(base, "get_%ss" % self._assoc)
return [obj.to_dict() for obj in call_mix(func, recursion_depth=0)]
return [self._info(obj) for obj in call_mix(func, recursion_depth=0)]
@cherrypy.expose
def add(self, name, assoc_name):
base, target = self._rga("add", name, assoc_name)
func = getattr(base, "add_%s" % self._assoc)
func(DB(), target)
func(target)
@cherrypy.expose
def remove(self, name, assoc_name):
base, target = self._rga("remove", name, assoc_name)
func = getattr(base, "remove_%s" % self._assoc)
func(DB(), target)
func(target)
class AssociationToGroupController(AssociationController):
def _info(self, item):
return {
"name": getattr(item, self._assoc).name,
"confirmed": item.status == item.CONFIRMED,
}
@cherrypy.expose
def add(self, name, assoc_name, password=""):
try:
super(AssociationToGroupController, self).add(name=name, assoc_name=assoc_name)
base, target = self._rga("add", name, assoc_name)
func = getattr(base, "add_%s" % self._assoc)
func(target, confirmed=0)
except AjaxException as e:
if e.code != 403:
raise e
......@@ -186,38 +202,47 @@ class AssociationToGroupController(AssociationController):
func = getattr(base, "add_%s" % self._assoc)
conft = Group_User_Assoc if self._table.__name__ == "User" else Group_Group_Assoc
if base.privacy == Group.PUBLIC:
func(DB(), target, conft.CONFIRMED)
func(target, conft.CONFIRMED)
elif base.privacy == Group.PROTECTED:
if not sha256_crypt.verify(password, base.password):
raise AjaxException(403)
func(DB(), target, conft.CONFIRMED)
func(target, conft.CONFIRMED)
elif base.privacy == Group.PRIVATE:
func(DB(), target, conft.UNCONFIRMED)
func(target, conft.UNCONFIRMED)
@cherrypy.expose
def confirm(self, name, assoc_name):
base, target = self._rga("confirm", name, assoc_name)
func = getattr(base, "confirm_%s" % self._assoc)
func(DB(), target)
func(target)
class AssociationToProjectController(AssociationController):
def _info(self, item):
return {
"name": getattr(item, self._assoc).name,
"roles": [
role.name for role in item.roles
]
}
class AssociationDeepController(AssociationController):
@cherrypy.expose
def list(self, name, mid_name):
base, mid, = self._rga("list", name)
base, mid, = self._rga("list", name, mid_name)
func = getattr(base, "get_%ss" % self._assoc)
return [obj.to_dict() for obj in call_mix(func, mid, recursion_depth=0)]
return [obj.name for obj in call_mix(func, mid, recursion_depth=0)]
@cherrypy.expose
def add(self, name, mid_name, assoc_name):
base, mid, target = self._rga("add", name, assoc_name)
base, mid, target = self._rga("add", name, mid_name, assoc_name)
func = getattr(base, "add_%s" % self._assoc)
func(DB(), mid, target)
func(mid, target)
@cherrypy.expose
def remove(self, name, mid_name, assoc_name):
base, mid, target = self._rga("remove", name, assoc_name)
base, mid, target = self._rga("remove", name, mid_name, assoc_name)
func = getattr(base, "remove_%s" % self._assoc)
func(DB(), mid, target)
func(mid, target)
class UMAjaxController(AbstractController):
......@@ -244,7 +269,8 @@ class UMAjaxController(AbstractController):
"remove": [
(Rights.manager, Rights.none), # managers can kick members
(Rights.none, Rights.manager), # anyone can leave on their own
]
],
"__default__": (Rights.manager,),
}
# now define the controllers
......@@ -275,6 +301,7 @@ class UMAjaxController(AbstractController):
] + [
AssociationToGroupController(table=t, assoc=a, rights=Rights.extend(rights_assoc, {
"list": (Rights.public,),
"confirm": (Rights.manager, Rights.none),
"add": (Rights.manager, Rights.none),
"add_self": (Rights.none, Rights.manager),
})) for t, a in [
......@@ -297,7 +324,7 @@ class UMAjaxController(AbstractController):
}, assocs=[
AssociationController(table=User, assoc="manager", rights=rights_manager),
] + [
AssociationController(table=t, assoc=a, rights=rights_assoc, assocs=[
AssociationToProjectController(table=t, assoc=a, rights=rights_assoc, assocs=[
AssociationDeepController(table=Role, assoc="%s_role" % a, rights=rights_admin)
]) for t, a in [
(User, "user"),
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment